Member of Technical Staff, Security Operations

Responsibilities

• Build and maintain security automation and tooling to detect vulnerabilities through static and dynamic analysis across code and live systems.
• Conduct application security assessments, penetration tests, and code reviews to identify high-risk security issues and provide secure development guidance.
• Develop and operate vulnerability management workflows, partnering with engineering teams to prioritize and remediate findings.
• Establish and test security guardrails for code, cloud resources, and infrastructure components.
• Monitor and respond to security events and configuration anomalies, leading investigation and containment efforts.
• Manage the full vulnerability lifecycle from discovery through remediation.
• Lead Security Operations initiatives with minimal oversight.
• Deliver assurance artifacts for regulated entity requirements.

Requirements

• 3+ years of hands-on experience in security engineering, application security, penetration testing, or security operations.
• Experience building or maintaining security tools, integrations, or automation workflows using Python, Go, or similar.
• Proficiency in vulnerability assessment in applications, APIs, and cloud infrastructure.
• Experience with static and dynamic analysis tools like Semgrep, CodeQL, Burp Suite.
• AWS security fundamentals including IAM, VPCs, security groups, CloudTrail.
• Incident response skills: investigate events, root cause analysis.
• Computer science fundamentals (concurrency, algorithms, data structures).

Nice-to-Haves

• Experience with bug bounty programs (HackerOne, Bugcrowd).
• Regulated financial services, fintech, or crypto environment.
• Blockchain security, smart contract auditing, Web3 technologies.
• Open-source security tools contributions.
• Certifications (OSCP, GWAPT, GCIH, AWS Security Specialty).